US4590552A - Security bit for designating the security status of information stored in a nonvolatile memory - Google Patents

Security bit for designating the security status of information stored in a nonvolatile memory Download PDF

Info

Publication number
US4590552A
US4590552A US06/393,954 US39395482A US4590552A US 4590552 A US4590552 A US 4590552A US 39395482 A US39395482 A US 39395482A US 4590552 A US4590552 A US 4590552A
Authority
US
United States
Prior art keywords
data
instructions
nonvolatile memory
information transfer
external interface
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Lifetime
Application number
US06/393,954
Inventor
Karl M. Guttag
Steve Nussrallah
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Texas Instruments Inc
Original Assignee
Texas Instruments Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Texas Instruments Inc filed Critical Texas Instruments Inc
Priority to US06/393,954 priority Critical patent/US4590552A/en
Assigned to TEXAS INSTRUMENTS INCORPORATED, A CORP. OF DE reassignment TEXAS INSTRUMENTS INCORPORATED, A CORP. OF DE ASSIGNMENT OF ASSIGNORS INTEREST. Assignors: GUTTAG, KARL M., NUSSRALLAH, STEVE
Priority to JP58116271A priority patent/JPS5911600A/en
Application granted granted Critical
Publication of US4590552A publication Critical patent/US4590552A/en
Anticipated expiration legal-status Critical
Expired - Lifetime legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F12/00Accessing, addressing or allocating within memory systems or architectures
    • G06F12/14Protection against unauthorised use of memory or access to memory
    • G06F12/1416Protection against unauthorised use of memory or access to memory by checking the object accessibility, e.g. type of access defined by the memory independently of subject rights
    • G06F12/1425Protection against unauthorised use of memory or access to memory by checking the object accessibility, e.g. type of access defined by the memory independently of subject rights the protection being physical, e.g. cell, word, block
    • G06F12/1433Protection against unauthorised use of memory or access to memory by checking the object accessibility, e.g. type of access defined by the memory independently of subject rights the protection being physical, e.g. cell, word, block for a module or a part of a module

Definitions

  • This invention is related to digital processing system architecture and more specifically to the protection of information stored in digital processing systems.
  • a digital processing device includes a nonvolatile memory for the storage of data and instructions that define operations on the data.
  • An inhibit logic interface is connected to the memory.
  • An information bus is provided that is connected to the inhibit logic interface and is also connected to a central processing unit that performs operations on the data.
  • the information transfer bus provides the transfer of information between the memory and the central processing unit.
  • An external interface is attached to the information bus to transfer information to and from external devices connected to the external interface. At least one security bit is provided for designating the security status of information stored in the memory.
  • Address logic is connected to the information bus to determine when information is being accessed from the memory.
  • a security control circuit is provided that is connected to the address logic and to the security bit and also connected to the central processing unit for determining when instructions are being fetched by the central processing unit and when information is being accessed from the memory.
  • the security control circuitry is connected to the inhibit logic interface and inhibits the information bus access to the memory during selected operations in the central processing unit.
  • a digital processing device in a preferred embodiment, includes a nonvolatile memory, a random access memory, a central processing unit, and an information bus connected to the nonvolatile memory and the central processing unit.
  • An external interface providing access to external devices is also connected to the information transfer bus.
  • An inhibit logic interface is provided between the nonvolatile memory and the information bus.
  • At least one security bit is provided that designates the security status of information stored in the nonvolatile memory and also information stored in a selected portion of the random access memory.
  • Address logic is provided that is connected to the information bus to determine if information is being accessed from the nonvolatile memory and the selected portions of the random access memory.
  • Security control circuitry is provided that is connected to the central processing unit to determine when an instruction is being fetched and is connected to the address logic to determine when information is being accessed from the nonvolatile memory or from the selected portions of the random access memory.
  • the security control logic circuitry is also connected to the inhibit logic interface to selectively inhibit the interface to the nonvolatile memory when selected operations are being executed in a central processing unit.
  • FIG. 1 is a block diagram of a computer architecture illustrating the placement of programmable security bit adjacent to nonvolatile memory connected to an information bus.
  • FIG. 2 is a block diagram of a digital processing system illustrating inhibit interfaces located between the information bus, nonvolatile memory and a temporary storage memory.
  • FIG. 3 is a block diagram of a digital processing system illustrating the nonvolatile memory connected to an information bus that is connected to address logic to maintain the security status of information on the information bus.
  • FIG. 4 is a cross sectional view of a simple field effect transistor illustrating the channel region.
  • This invention is for microcomputer or microprocessor chips that have on chip memory.
  • the purpose of this invention is to prevent the examination of on chip memory by external (off chip) devices.
  • microcomputer chips usually include an address bus and data bus consisting of several parallel lines for the transfer of information. Some microcomputer chips may multiplex (time share) both address and data information on the same bus. This invention is applicable to both types and generally to any type of microcomputer chip that includes an external interface that could provide information as to the contents of the on chip memory.
  • This embodiment is implemented with a computer system that includes both on chip and off chip memory.
  • the off chip memory is accessed by an on chip central processing unit (CPU) via the same data and address an address buses as accesses the on chip memory.
  • CPU central processing unit
  • This type of computer architecture is fairly common in recent microcomputer systems.
  • An example of such a computer architecture is containied in U.S patent application Ser. No. 210,109, filed 11-24-80 now U.S. Pat. No. 4,402,044 entitled, "Microprocessor with Strip Layout of Buses ALU. and Registers" by Kevin C. McDonough, and Karl M. Guttag which is herein incorporated by reference.
  • FIG. 1 is a block diagram of a microcomputer chip containing programmable nonvolatile memory 7 and random access memory (RAM) 8 connected to a CPU 1 via an address bus 9 and data bus 10.
  • the address bus 9 and data bus 10 are also connected to an external interface 11 containing line drivers to transmit and receive address and data information from external devices. It is customary for this external interface 11 to include logic to enable a handshaking or interface protocol to other peripherals.
  • Adjacent to nonvolatile memory 7 are guard bits 3, 4, 5 and 6. These guard bits 3, 4, 5 and 6 may be programmed by the CPU 1 and protect information contained in nonvolatile memory 7.
  • a portion of the RAM 8 may also be protected. This is shown symbolically in FIG.
  • This protected subset may be as large as the RAM itself.
  • address logic 13 connected to the address bus 9. This logic together with the guard bits 3, 4, 5, and 6 are inputted to external interface inhibit logic 12 that controls the external interface 11.
  • the inhibit logic 12 enables and disables the external interface 11 such that when the interface 11 is disabled, the external devices connected to external interface 11 will not be able to access information that is contained on the address bus 9 and data bus 10.
  • the external interface 11 is enabled, however, the external devices connected to the address bus 9 and data bus 10 are able to communicate with both buses.
  • This invention protects the information contained in the nonvolatile memory 7 and RAM area 14 by determining when instructions from these protected areas in the memory 7 or RAM area 14 are being accessed.
  • address logic 13 When instructions or data from the protected area are being accessed, the address logic 13 will provide an input to the inhibit logic 12. When the protected memory is accessed and the guard bit is set, then the interface 11 is disabled such that neither the address or data appears to any external device connected to the external interface 11.
  • Address logic 13 monitors the address bus 9. The address bus is inputted to decoding circuitry to detect when information in either the memory 7 or the restricted area of RAM 14 is being addressed.
  • This decoding circuitry can include an array of individual logic gates, input states or a programmed logic array to detect certain input states. Additional versatility can be achieved by using storage capability in the address logic 13 to store ranges of protected addresses together with comparison logic to detect addresses on the address bus 9 within the protected range.
  • the external interface inhibit logic 12 will also receive inputs from the guard bits 3, 4, 5 and 6. This information is "ANDed” to determine if the external interface 11 should be disabled. Specifically, in the preferred embodiment, the guard bits 3, 4, 5 and 6 are “ORed” and this result is “ANDed” with the output from the address logic 13. Therefore, if a protected area in memory is accessed, then the external interface inhibit logic 12 examine the protext bits. If any of the protect bits are set, then the external interface 11 is disabled preventing any access to on chip memory by an external device. If, of course, an external device is addressed, then the address logic 13 will not provide an input to the external interface inhibit logic 12 and the external interface 11 will be enabled to allow the CPU 1 to read and write from the external peripheral.
  • guard bits or "lock bits” While four of the programmable guard bits or "lock bits” are shown as bit locations 3, 4, 5 and 6, any number of such bits can be placed in locations in or adjacent to the nonvolatile memory 7. In the early stages of the computer chip development, these bits were not programmed (remaining 0) in order to allow the program developers to read and to write all locations of protected memory by an external device (i.e., a development system or testing the device in production). Once the program contained on the chip in erasable nonvolatile memory 7 had been developed, the "lock bits” or “guard bits” 3, 4, 5 and 6 are programmed to prevent access to the nonvolatile memory 7 and protected RAM 14 by an external user. The bits 3, 4, 5 and 6 can be erased.
  • guard bits 3, 4, 5 and 6 are "ORed", if any single lock bit is set, then the inhibit logic 12 will disable the external interface 11, preventing access to the nonvolatile memory 7 and protected RAM 14. Therefore all of the guard bits must be erased without erasing any nonvolatile.
  • These guard bits 3, 4, 5 and 6 can be located to ensure that the total nonvolatile memory 7 must be erased in order to gain access to the nonvolatile memory 7. A metal cover for these bit locations can be fabricated over the bit locations during manufacture of the chip to prevent the erasure of these guard bit locations 3, 4, 5 and 6.
  • guard bits 3, 4, 5 and 6 can be accomplished by either the execution of an instruction in the CPU 1 or by exercising on chip control logic. Once these guard bits are set, then protection is provided for the on chip software. By protecting only a portion of the RAM 8, such as protected area 1, the remaining part of RAM 8 may be used by CPU 1 as a scratch pad for software being executed from and external peripheral through the external interface 11. This allows greater versatility for the on chip CPU 1 in executing external software.
  • the above invention has been disclosed implemented in a computer architecture that provided off chip access to the address and data buses. However, it should be apparent to one skilled in the art that external devices need not access the address and data buses to determine what software is contained in the on chip memory. By clever manipulation of on chip memory and the on chip CPU, an intelligent programmer may be able to determine the contents of the on chip memory by observing the chip output ports.
  • the invention as disclosed using the guard bits and protected address logic serves to prevent the disclosure of the protected on chip software by selectively preventing the output of information when the CPU is performing a set of instructions involving access to on chip memory.
  • FIG. 2 contains a similar architecture to FIG. 1 in that the CPU 1 is connected via a data bus 10 and address bus 9 to two internal memories, including a memory 7 and RAM 8. Guard bits 3, 4, 5 and 6 are adjacent to memory 7.
  • the address bus 9 and data bus 10 are connected to an external interface 11 which provides the address and data information to external peripherals connected to the computer chip.
  • Address logic 23 is attached to the address bus 9.
  • Instruction acquisition logic 20 is attached to the CPU 1.
  • Disabling buffers 21 for the memory and 22 for the RAM are attached to the address bus 9 interface to the memory 7 and RAM 8, respectively.
  • Inhibit logic 12 for the external interface 11 is attached as shown in FIG. 1.
  • the instruction acquisition logic 20 determines when an instruction acquisition is taking place by monitoring the microcode of the CPU 1.
  • the instruction acquisition logic 20 can consist of decode logic to determine when the CPU 1 is fetching an instruction or can consist of a latch connected to a microcode signal that designates an instruction fetch.
  • An example control signal is IAQ as described in the patent application previously referenced (patent application Ser. No. 210,109).
  • Logic 20 when determining that an instruction acquisition is taking place provides a signal to disabling logic blocks 21, 22 and 12.
  • the guard bits are also inputted to disabling logic blocks 21, 22 and 12.
  • This instruction acquisition signal is ANDed in the disabling logic blocks 21, 22 and inhibit logic 12 with a signal from the address logic 23.
  • Address logic 23 is similar to address logic 13 except that address logic 23 provides an input to inhibit logic blocks 12, 21 and 22 when an off chip memory location is being addressed or when on chip protected memory is being accessed.
  • the memory interface disable logic 21 and RAM disable logic 22 disables access to the memory 7 or a portion of the RAM 8 by the external instruction preventing off chip instructions from including accessing on chip protected memory. Additionally, if an instruction from protected memory 7 or protected RAM 14 is accessed, the instruction acquisition signal from logic 20 and the address logic 23 is ANDed with the guard bits 3, 4, 5 and 6 in logic 12 to inhibit the external interface 11 while the instruction is on the data bus 10. This prevents peripheral circuitry from viewing what instructions are being accessed from protected memory.
  • FIG. 3 A further security configuration is illustrated in FIG. 3.
  • the CPU 1 is connected to a memory 7 and a RAM 8 via data bus 10 and address bus 9.
  • the address bus 9 and data bus 10 are connected to the external interface 11 which is controlled by external interface inhibit logic 12.
  • address logic 31 Also connected to the address bus 9 is address logic 31.
  • Guard bits 3, 4, 5 and 6 are located adjacent to the memory 7.
  • the invention allows a selected area of RAM symbolized by area 14 in RAM 8 to be protected.
  • the external interface is disabled during any operation that allows access to this data on the address bus 9 and data bus 10.
  • the address logic 31 monitors the CPU 1 via line 30 to determine when the source operand and destination operand are being fetched. This address logic 31 examines the address of the source operand and the destination operand to determine if either the source destination operand or destination operand originates from a protected memory area. If the operand is obtained from a protected area and the guard bits 3, 4, 5 and 6 are set, the inhibit logic 12 disables the external interface 11 for the address bus 9 and data bus 10 to prevent an external device from determining what the instruction operands are. In addition, a latch is set in inhibit logic 12 to continually disable the external interface 11 while the operation on the protected data is taking place. In addition, this data can be tagged.
  • the address logic 31 sets an additional bit in memory for that operand when that operand is stored in a nonprotected memory. Therefore when this data is read from an unprotected memory, it contains the additional bit which tags it as protected data which causes the address logic 31 to generate a disable command over line 32 to the inhibit logic 12.
  • the address logic 31 monitors the data bus 10 via line 33 to determine when tagged data is being accessed. When the tag bit is set for data, the latch in inhibit logic 12 is set. This latch is reset when protection is no longer being processed by CPU 1. In this manner, the data stored in memory 7 and selected portions of RAM memory 8 can be protected continually through the operations involving this data and furthermore, data which derives from the computation of protected data will become protected data and be secure from external examination.
  • the tagged memory is a versatile protection scheme. Only memory that is tagged is protected (i.e. forces an inhibit of access) and untagged memory is not protected. The protection of memory is therefore a function of the program requiring protected memory.
  • Another variation of the tagged data protection technique involves the determination of the origin of the source and destination operands for each instruction. If the tag of either operand is set then the result of the instruction execution will be tagged and protected.
  • the address logic 31 monitors the fetch of operands over the data bus 10 via line 33 as before. When either the source or destination operand is tagged, the CPU 1 will tag the result causing the inhibit logic 12 to disable the external interface 11 when the results are being stored. It should be noted that this tag technique does not require guard bits 3, 4, 5 and 6. Since the tag of each word in memory designates the security status, this variation allows for dynamic protected memory allocation. This feature is advantageous in programs where the requirements for protected or unprotected memory vary widely during program execution.
  • FIG. 4 illustrates a simple metal oxide silicon field effect transistor (or insulated gate field effect transistor) including a gate area 40 placed above a gate oxide insulator 41 which is located between a source 42 and drain 44 on a semiconductor substrate 43.
  • the area 45 between the source and drain and directly underneath the gate and gate insulator is normally considered to be the channel of the field effect transistor. That is, when the gate 40 becomes properly charged, a channel develops in area 45 allowing current flow between the source 42 and drain 44.
  • 4,230,504 entitled “Method of Making Implant Programmable N Channel ROMs” can be used to inhibit a current flow between source and drain during normal operation of the field effect transistor.
  • the gate 40 when the gate 40 is turned on, there will be no current conduction through the channel in area 45. Therefore, even though the gate 40 is present and turned on, the field effect transistor is off. Exterior examination of the field effect transistor cannot determine whether the field effect transistor device has been implanted by such a method. Therefore if a ROM is fabricated using such a technique, it is very difficult for someone other than the manufacturer to determine what the actual status of the ROM is by examining it physically.
  • the implant method can be used in manufacturing the ROM that contains the microcode for a computer chip.
  • a computer configuration is described in U.S. patent application Ser. No. 253,644, filed 4-13-81, now U.S. Pat. No. 4,441,044 entitled "Self-Emulator Microcomputer” by Robert C. Thaden et al herein incorporated by reference.
  • This application describes a computer configuration that contains both a program memory ROM and a control ROM.
  • the program memory ROM contains the instructions for the program to be executed by the computer and is analogous to the EPROM 7 in FIGS. 1, 2 and 3.
  • this computer configuration described also includes a control ROM.
  • the control ROM is used to decode the instructions contained in the program ROM into control signals which controls the operation of the central processing unit internal components.
  • One embodiment would combine the guard bit configuration with the use of enciphered software stored externally.
  • the software stored internally would decipher the external software and store the deciphered software in the internal RAM.
  • the CPU then executes all the deciphered software stored internally.
  • the internally stored nonvolatile memory may include interpretive software to interpret a higher order level language software stored externally.
  • the interpreted programs are stored on the on chip RAM to be executed by the on chip RAM to be executed by the on chip CPU.

Abstract

A digital processing device implemented on a single semiconductor substrate includes an nonvolatile memory for the storage of data and instructions that define operations on the data. The memory is connected to an inhibit logic interface which is in turn connected to an information bus. The information bus is connected to a central processor that performs the operations on data. An external interface is also connected to the information bus to provide information on the information bus to external devices. At least one security bit is provided for designating security status of information stored in the memory. Address logic is connected to the information bus to determine when information is being accessed from the memory. Security control circuitry is also provided and is connected to the central processing unit, the address logic, to determine when an instruction is being fetched by the central processing unit and if the instruction is being fetched from the memory. The security control circuitry is connected to the inhibit logic interface to inhibit the information bus interface to the memory during selected operations in the central processing unit.

Description

RELATED CASES
Related patent applications to the present application include Ser. No. 393,955, now U.S. Pat. No. 4,521,852; Ser. No. 393,957; and Ser. No. 393,956, now U.S. Pat. No. 4,521,853, all filed concurrently herewith.
BACKGROUND
1. Field of the Invention:
This invention is related to digital processing system architecture and more specifically to the protection of information stored in digital processing systems.
2. Description of the Prior Art:
In the past, the development of computer programs for computers has been an extensive and time consuming task. The developers of computer programs recover the cost of such development by selling the programs. However, this is difficult to accomplish if the programs can be easily copied and used in the computer without paying the program developers.
One system of protecting programs is disclosed in U.S. Pat. No. 4,139,893 entitled "Calculator Program Security System" by Sydney W. Poland and assigned to Texas Instruments Incorporated. This patent discloses a technique that disables the downloading of a program stored in a read only memory used in a calculator. A security word or bit is located in the read only memory and if a bit in the security word is set, the calculator will not download the contents of the read only memory. Obviously, one properly skilled could circumvent this security method by using a device that does not read the security bit or react to the security bit being set and just downloads the read only memory.
Another approach to computer protection is contained in U.S. Pat. No. 4,168,396 entitled "Microprocessor for Executing Enciphered Programs" by Robert M. Best. This patent discloses a cryptographic microprocessor that includes real time enciphering and deciphering circuitry in the microprocessor itself. Another patent, U.S. Pat. No. 4,278,837 entitled "Crypto Microprocessor for Executing Enciphered Programs" also by Robert M. Best discloses variations of the cryptographic microprocessor architecture. A third patent by Robert M. Best, U.S. Pat. No. 4,319,079 entitled "Crypto Microprocessor Using Block Cipher" also discloses techniques for use in cryptographic microprocessors. While these techniques using enciphering do accomplish a degree of security, a special microprocessor device including hardware dedicated solely to enciphering and deciphering is required. In addition, the microprocessor device as disclosed do not include internal program memory.
Another approach is described in U.S. Pat. No. 4,120,030 by Jon Stone. In this approach, a conventional microprocessor is used except that the data memory has the data addresses transform such that the data addresses are effectively scrambled and can be unscrambled by the microprocessor in execution. While all these previously mentioned techniques provide software protection, the invention disclosed herein provides software protection for on-chip memory microcomputing devices that are interfaced to external peripheral devices.
Summary
In accordance with the present invention a digital processing device is provided that includes a nonvolatile memory for the storage of data and instructions that define operations on the data. An inhibit logic interface is connected to the memory. An information bus is provided that is connected to the inhibit logic interface and is also connected to a central processing unit that performs operations on the data. The information transfer bus provides the transfer of information between the memory and the central processing unit. An external interface is attached to the information bus to transfer information to and from external devices connected to the external interface. At least one security bit is provided for designating the security status of information stored in the memory. Address logic is connected to the information bus to determine when information is being accessed from the memory. A security control circuit is provided that is connected to the address logic and to the security bit and also connected to the central processing unit for determining when instructions are being fetched by the central processing unit and when information is being accessed from the memory. The security control circuitry is connected to the inhibit logic interface and inhibits the information bus access to the memory during selected operations in the central processing unit.
In a preferred embodiment, a digital processing device is provided that includes a nonvolatile memory, a random access memory, a central processing unit, and an information bus connected to the nonvolatile memory and the central processing unit. An external interface providing access to external devices is also connected to the information transfer bus. An inhibit logic interface is provided between the nonvolatile memory and the information bus. At least one security bit is provided that designates the security status of information stored in the nonvolatile memory and also information stored in a selected portion of the random access memory. Address logic is provided that is connected to the information bus to determine if information is being accessed from the nonvolatile memory and the selected portions of the random access memory. Security control circuitry is provided that is connected to the central processing unit to determine when an instruction is being fetched and is connected to the address logic to determine when information is being accessed from the nonvolatile memory or from the selected portions of the random access memory. The security control logic circuitry is also connected to the inhibit logic interface to selectively inhibit the interface to the nonvolatile memory when selected operations are being executed in a central processing unit.
BRIEF DESCRIPTION OF THE DRAWINGS
The novel features believed characteristic of the invention are set forth in the appended claims. The invention itself, however, as well as other features and advantages thereof, will be best understood by reference to the detailed description which follows, read in conjunction with the accompanying drawings wherein:
FIG. 1 is a block diagram of a computer architecture illustrating the placement of programmable security bit adjacent to nonvolatile memory connected to an information bus.
FIG. 2 is a block diagram of a digital processing system illustrating inhibit interfaces located between the information bus, nonvolatile memory and a temporary storage memory.
FIG. 3 is a block diagram of a digital processing system illustrating the nonvolatile memory connected to an information bus that is connected to address logic to maintain the security status of information on the information bus.
FIG. 4 is a cross sectional view of a simple field effect transistor illustrating the channel region.
DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENT
This invention is for microcomputer or microprocessor chips that have on chip memory. The purpose of this invention is to prevent the examination of on chip memory by external (off chip) devices.
These microcomputer chips usually include an address bus and data bus consisting of several parallel lines for the transfer of information. Some microcomputer chips may multiplex (time share) both address and data information on the same bus. This invention is applicable to both types and generally to any type of microcomputer chip that includes an external interface that could provide information as to the contents of the on chip memory.
This embodiment is implemented with a computer system that includes both on chip and off chip memory. The off chip memory is accessed by an on chip central processing unit (CPU) via the same data and address an address buses as accesses the on chip memory. In the normal execution of instructions, without consideration of security, the CPU cannot differentiate between on chip and off chip memory access. This type of computer architecture is fairly common in recent microcomputer systems. An example of such a computer architecture is containied in U.S patent application Ser. No. 210,109, filed 11-24-80 now U.S. Pat. No. 4,402,044 entitled, "Microprocessor with Strip Layout of Buses ALU. and Registers" by Kevin C. McDonough, and Karl M. Guttag which is herein incorporated by reference. Security problems arise with such a system since a program in off chip memory can enable an intelligent programmer to read or dump the on chip memory. This security requirement is also important when the programmer is writing into an on chip nonvolatile memory such as an electrically programmable read only memory (EPROM), a program which is desired to be kept confidential.
A version of this invention is illustrated in FIG. 1. FIG. 1 is a block diagram of a microcomputer chip containing programmable nonvolatile memory 7 and random access memory (RAM) 8 connected to a CPU 1 via an address bus 9 and data bus 10. The address bus 9 and data bus 10 are also connected to an external interface 11 containing line drivers to transmit and receive address and data information from external devices. It is customary for this external interface 11 to include logic to enable a handshaking or interface protocol to other peripherals. Adjacent to nonvolatile memory 7 are guard bits 3, 4, 5 and 6. These guard bits 3, 4, 5 and 6 may be programmed by the CPU 1 and protect information contained in nonvolatile memory 7. In addition, a portion of the RAM 8 may also be protected. This is shown symbolically in FIG. 1 as the area 14 shown as the subset of the RAM 8. This protected subset may be as large as the RAM itself. Also provided for security purposes is address logic 13 connected to the address bus 9. This logic together with the guard bits 3, 4, 5, and 6 are inputted to external interface inhibit logic 12 that controls the external interface 11. The inhibit logic 12 enables and disables the external interface 11 such that when the interface 11 is disabled, the external devices connected to external interface 11 will not be able to access information that is contained on the address bus 9 and data bus 10. When the external interface 11 is enabled, however, the external devices connected to the address bus 9 and data bus 10 are able to communicate with both buses. This invention protects the information contained in the nonvolatile memory 7 and RAM area 14 by determining when instructions from these protected areas in the memory 7 or RAM area 14 are being accessed. This is the function of the address logic 13. When instructions or data from the protected area are being accessed, the address logic 13 will provide an input to the inhibit logic 12. When the protected memory is accessed and the guard bit is set, then the interface 11 is disabled such that neither the address or data appears to any external device connected to the external interface 11. Address logic 13 monitors the address bus 9. The address bus is inputted to decoding circuitry to detect when information in either the memory 7 or the restricted area of RAM 14 is being addressed. This decoding circuitry can include an array of individual logic gates, input states or a programmed logic array to detect certain input states. Additional versatility can be achieved by using storage capability in the address logic 13 to store ranges of protected addresses together with comparison logic to detect addresses on the address bus 9 within the protected range. The external interface inhibit logic 12 will also receive inputs from the guard bits 3, 4, 5 and 6. This information is "ANDed" to determine if the external interface 11 should be disabled. Specifically, in the preferred embodiment, the guard bits 3, 4, 5 and 6 are "ORed" and this result is "ANDed" with the output from the address logic 13. Therefore, if a protected area in memory is accessed, then the external interface inhibit logic 12 examine the protext bits. If any of the protect bits are set, then the external interface 11 is disabled preventing any access to on chip memory by an external device. If, of course, an external device is addressed, then the address logic 13 will not provide an input to the external interface inhibit logic 12 and the external interface 11 will be enabled to allow the CPU 1 to read and write from the external peripheral.
While the preferred embodiment includes an address and data bus connected to an external device, this protection technique is applicable to a microcomputer without expandable memory space off chip.
While four of the programmable guard bits or "lock bits" are shown as bit locations 3, 4, 5 and 6, any number of such bits can be placed in locations in or adjacent to the nonvolatile memory 7. In the early stages of the computer chip development, these bits were not programmed (remaining 0) in order to allow the program developers to read and to write all locations of protected memory by an external device (i.e., a development system or testing the device in production). Once the program contained on the chip in erasable nonvolatile memory 7 had been developed, the "lock bits" or "guard bits" 3, 4, 5 and 6 are programmed to prevent access to the nonvolatile memory 7 and protected RAM 14 by an external user. The bits 3, 4, 5 and 6 can be erased. However, in the process of erasing, the whole will be erased. Since the guard bits 3, 4, 5 and 6 are "ORed", if any single lock bit is set, then the inhibit logic 12 will disable the external interface 11, preventing access to the nonvolatile memory 7 and protected RAM 14. Therefore all of the guard bits must be erased without erasing any nonvolatile. These guard bits 3, 4, 5 and 6 can be located to ensure that the total nonvolatile memory 7 must be erased in order to gain access to the nonvolatile memory 7. A metal cover for these bit locations can be fabricated over the bit locations during manufacture of the chip to prevent the erasure of these guard bit locations 3, 4, 5 and 6. Therefore, once these bits are set, they always remain set and even though the memory can be erased, it cannot be accessed by the external interface 11. The setting of these guard bits 3, 4, 5 and 6, can be accomplished by either the execution of an instruction in the CPU 1 or by exercising on chip control logic. Once these guard bits are set, then protection is provided for the on chip software. By protecting only a portion of the RAM 8, such as protected area 1, the remaining part of RAM 8 may be used by CPU 1 as a scratch pad for software being executed from and external peripheral through the external interface 11. This allows greater versatility for the on chip CPU 1 in executing external software.
The above invention has been disclosed implemented in a computer architecture that provided off chip access to the address and data buses. However, it should be apparent to one skilled in the art that external devices need not access the address and data buses to determine what software is contained in the on chip memory. By clever manipulation of on chip memory and the on chip CPU, an intelligent programmer may be able to determine the contents of the on chip memory by observing the chip output ports. The invention as disclosed using the guard bits and protected address logic serves to prevent the disclosure of the protected on chip software by selectively preventing the output of information when the CPU is performing a set of instructions involving access to on chip memory.
Another architecture that provides software security is illustrated in FIG. 2. FIG. 2 contains a similar architecture to FIG. 1 in that the CPU 1 is connected via a data bus 10 and address bus 9 to two internal memories, including a memory 7 and RAM 8. Guard bits 3, 4, 5 and 6 are adjacent to memory 7. In addition the address bus 9 and data bus 10 are connected to an external interface 11 which provides the address and data information to external peripherals connected to the computer chip. Address logic 23 is attached to the address bus 9. Instruction acquisition logic 20 is attached to the CPU 1. Disabling buffers 21 for the memory and 22 for the RAM are attached to the address bus 9 interface to the memory 7 and RAM 8, respectively. Inhibit logic 12 for the external interface 11 is attached as shown in FIG. 1. The instruction acquisition logic 20 determines when an instruction acquisition is taking place by monitoring the microcode of the CPU 1. The instruction acquisition logic 20 can consist of decode logic to determine when the CPU 1 is fetching an instruction or can consist of a latch connected to a microcode signal that designates an instruction fetch. An example control signal is IAQ as described in the patent application previously referenced (patent application Ser. No. 210,109). Logic 20 when determining that an instruction acquisition is taking place provides a signal to disabling logic blocks 21, 22 and 12. The guard bits are also inputted to disabling logic blocks 21, 22 and 12. This instruction acquisition signal is ANDed in the disabling logic blocks 21, 22 and inhibit logic 12 with a signal from the address logic 23. Address logic 23 is similar to address logic 13 except that address logic 23 provides an input to inhibit logic blocks 12, 21 and 22 when an off chip memory location is being addressed or when on chip protected memory is being accessed. If an instruction is being fetched from off chip, then the memory interface disable logic 21 and RAM disable logic 22 disables access to the memory 7 or a portion of the RAM 8 by the external instruction preventing off chip instructions from including accessing on chip protected memory. Additionally, if an instruction from protected memory 7 or protected RAM 14 is accessed, the instruction acquisition signal from logic 20 and the address logic 23 is ANDed with the guard bits 3, 4, 5 and 6 in logic 12 to inhibit the external interface 11 while the instruction is on the data bus 10. This prevents peripheral circuitry from viewing what instructions are being accessed from protected memory.
A further security configuration is illustrated in FIG. 3. In this configuration, the CPU 1 is connected to a memory 7 and a RAM 8 via data bus 10 and address bus 9. In addition the address bus 9 and data bus 10 are connected to the external interface 11 which is controlled by external interface inhibit logic 12. Also connected to the address bus 9 is address logic 31. Guard bits 3, 4, 5 and 6 are located adjacent to the memory 7. In addition the invention allows a selected area of RAM symbolized by area 14 in RAM 8 to be protected. In this configuration, when a protected instruction is accessed from the memory 7 or protected RAM area 14, and the guard bits 3, 4, 5 and 6 are set, the external interface is disabled during any operation that allows access to this data on the address bus 9 and data bus 10. The address logic 31 monitors the CPU 1 via line 30 to determine when the source operand and destination operand are being fetched. This address logic 31 examines the address of the source operand and the destination operand to determine if either the source destination operand or destination operand originates from a protected memory area. If the operand is obtained from a protected area and the guard bits 3, 4, 5 and 6 are set, the inhibit logic 12 disables the external interface 11 for the address bus 9 and data bus 10 to prevent an external device from determining what the instruction operands are. In addition, a latch is set in inhibit logic 12 to continually disable the external interface 11 while the operation on the protected data is taking place. In addition, this data can be tagged. This can be accomplished by the address logic 31 setting an additional bit in memory for that operand when that operand is stored in a nonprotected memory. Therefore when this data is read from an unprotected memory, it contains the additional bit which tags it as protected data which causes the address logic 31 to generate a disable command over line 32 to the inhibit logic 12. The address logic 31 monitors the data bus 10 via line 33 to determine when tagged data is being accessed. When the tag bit is set for data, the latch in inhibit logic 12 is set. This latch is reset when protection is no longer being processed by CPU 1. In this manner, the data stored in memory 7 and selected portions of RAM memory 8 can be protected continually through the operations involving this data and furthermore, data which derives from the computation of protected data will become protected data and be secure from external examination. The tagged memory is a versatile protection scheme. Only memory that is tagged is protected (i.e. forces an inhibit of access) and untagged memory is not protected. The protection of memory is therefore a function of the program requiring protected memory.
Another variation of the tagged data protection technique involves the determination of the origin of the source and destination operands for each instruction. If the tag of either operand is set then the result of the instruction execution will be tagged and protected. The address logic 31 monitors the fetch of operands over the data bus 10 via line 33 as before. When either the source or destination operand is tagged, the CPU 1 will tag the result causing the inhibit logic 12 to disable the external interface 11 when the results are being stored. It should be noted that this tag technique does not require guard bits 3, 4, 5 and 6. Since the tag of each word in memory designates the security status, this variation allows for dynamic protected memory allocation. This feature is advantageous in programs where the requirements for protected or unprotected memory vary widely during program execution.
A mechanism that can be used to secure data stored in a ROM is illustrated by FIG. 4. FIG. 4 illustrates a simple metal oxide silicon field effect transistor (or insulated gate field effect transistor) including a gate area 40 placed above a gate oxide insulator 41 which is located between a source 42 and drain 44 on a semiconductor substrate 43. The area 45 between the source and drain and directly underneath the gate and gate insulator is normally considered to be the channel of the field effect transistor. That is, when the gate 40 becomes properly charged, a channel develops in area 45 allowing current flow between the source 42 and drain 44. A method of implanting described in U.S. Pat. No. 4,230,504 entitled "Method of Making Implant Programmable N Channel ROMs" can be used to inhibit a current flow between source and drain during normal operation of the field effect transistor. In other words, when the gate 40 is turned on, there will be no current conduction through the channel in area 45. Therefore, even though the gate 40 is present and turned on, the field effect transistor is off. Exterior examination of the field effect transistor cannot determine whether the field effect transistor device has been implanted by such a method. Therefore if a ROM is fabricated using such a technique, it is very difficult for someone other than the manufacturer to determine what the actual status of the ROM is by examining it physically. Of course, this is not to say that someone could not take the ROM apart and by using chemical analysis and probing, determine which of the field effect transistors have been so implanted. However, to do so is so expensive as to be prohibitive. Therefore, this technique can be used in programming on chip ROMs to prevent external examination of these ROMs by someone other than the manufacturer. Using this technique with the previously discussed configurations prevents both the physical examination of the ROM and the interrogation of the ROM using the on chip data and address buses. It should be noted that this technique, of course, is not applicable to EPROMs since EPROMs are electrically programmable and invisible on physical examination. However, this technique is applicable to manufactured ROMs that are not alterable.
The implant method can be used in manufacturing the ROM that contains the microcode for a computer chip. Such a computer configuration is described in U.S. patent application Ser. No. 253,644, filed 4-13-81, now U.S. Pat. No. 4,441,044 entitled "Self-Emulator Microcomputer" by Robert C. Thaden et al herein incorporated by reference. This application describes a computer configuration that contains both a program memory ROM and a control ROM. The program memory ROM contains the instructions for the program to be executed by the computer and is analogous to the EPROM 7 in FIGS. 1, 2 and 3. However, in addition this computer configuration described also includes a control ROM. The control ROM is used to decode the instructions contained in the program ROM into control signals which controls the operation of the central processing unit internal components. By fabricating both the program memory ROM and control ROM of such a computer chip using the implant through polysilicon technique, the onboard software program in the program memory ROM will be protected even though one might be able to find the contents of the actual ROM itself. Without knowing the microcode implementation (i.e., the instructions set for the computer) the actual program contents remain unknown. If this technique is combined with the other techniques including guard bits and instruction and data protection as previously described, the determination of the on chip program becomes extremely difficult if not impossible.
In addition to the above implementations, it should be apparent to one skilled in the art that these configurations can be used in combination with each other or with other protection techniques to provide software security. One embodiment would combine the guard bit configuration with the use of enciphered software stored externally. The software stored internally would decipher the external software and store the deciphered software in the internal RAM. The CPU then executes all the deciphered software stored internally. Besides deciphering, the internally stored nonvolatile memory may include interpretive software to interpret a higher order level language software stored externally. The interpreted programs are stored on the on chip RAM to be executed by the on chip RAM to be executed by the on chip CPU.

Claims (10)

What we claim is:
1. A digital processing device implemented on a single semiconductor substrate comprising:
a nonvolatile memory means for storing data and instructions that define data processing operations;
an information transfer means for transferring data and instructions;
a first inhibit logic means connected between said nonvolatile memory means and said information transfer means for selectively inhibiting transfer of data and instructions from said nonvolatile memory means to said information transfer means;
a central processing unit connected to said information transfer means for performing data processing operations defined by instructions received from said information transfer means;
at least one security bit register connected to said central processing unit, each security bit register having a state indicating a protected or nonprotected status of a corresponding portion of said nonvolatile memory means;
an external interface means connected to said information transfer means for transfer of data and instructions between said digital processing device and at least one external device;
an external interface inhibit logic means connected to said external interface means for selectively inhibiting transfer of data and instructions by said external interface means;
an instruction acquisition means connected to said information transfer means for indicating when data or instructions within said nonvolatile memory means are being accessed; and
a security control means connected to said information transfer means, said first inhibit logic means, said external interface inhibit logic means, said at least one security bit register and said central processing unit for determining when an instruction is being fetched and further connected to said instruction acquisition logic to indicate when a protected status portion of said nonvolatile memory means is being accessed and for selectively causing said first inhibit logic means and said external interface inhibit logic means to inhibit data and instruction transfer upon performance of selected operations by said central processing unit, thereby preventing unauthorized access to data and instructions stored in said protected, status portion of said nonvolatile memory means.
2. The digital processing system according to claim 1, wherein said security control means inhibits said first inhibit logic means when an instruction obtained from said external interface means is being executed in said central processing means.
3. A digital processing device implemented on a single semiconductor substrate comprising:
a nonvolatile memory means for storing data and instructions that define data processing operations;
an information transfer means for transferring data and instructions;
an inhibt logic means connected to said nonvolatile memory means and said information transfer means for selectively inhibiting transfer to data and instructions from said nonvolatile memory means to said information transfer means;
a central processing unit connected to said information transfer means for performing data processing operations defined by instructions received from said information transfer means;
at least one security bit register connected to said central processing unit, each security bit register having a state indicating a protected or nonprotected status of a corresponding portion of said nonvolatile memory means;
an external interface means connected to said lnformation transfer means for transfer of data and instructions between said digital processing device and at least one external device;
an instruction acquisition means connected to said information transfer means for indicating when data or instructions within said nonvolatile memory means are being accessed; and
a security control means connected to said information transfer means, said inhibit logic means, said at least one security bit register and said central processing unit for determining when an instruction is being fetched and further connected to said instruction acquisition logic to indicate when a protected status portion of said nonvolatile memory means is being accessed and for causing said inhibit logic means to inhibit data and instruction transfer from said nonvolatile memory means to said information transfer means upon performance of a memory access operation to said protected status portion of said nonvolatile memory means by said central processing unit in accordance with an instruction from said external interface means, thereby preventing unauthorized access to data and instructions stored in said protected status portion of said nonvolatile memory means.
4. The digital processing device according to claim 3, further comprising:
a temporary read/write memory means for temporary storage of data and instructions;
a second inhibit logic means connected between said temporary read/write memory means and said information transfer means for selectively inhibiting transfer of data and instructions between said temporary read/write means and said information transfer means; and
said security control means is further connected to said second inhibit logic means and further includes means for detecting when data or instructions within said temporary read/write memory means is being accessed and for selectively causing said second inhibit logic means to inhibit such a data and instruction transfer upon performance of a memory access operation by said central processing unit in accordance with an instruction form said external interface means, thereby preventing unauthorized access to data and instructions stored in said temporary read/write memory means.
5. The digital processing device according to claim 4, wherein each of said at least one security bit register is located adjacent to said corresponding portion of said nonvolatile memory means to prevent deprogramming of the security bit register without deprogramming said corresponding portion of said nonvolatile memory means.
6. The digital processing system according to claim 5, wherein said security bit register includes means to protect the security bit register from alteration.
7. The digital processing device according to claim 4, wherein a portion of said temporary read/write memory is accessible by said information transfer means and not inhibited by said security control means.
8. The digital processing device implemented according to claim 7, wherein said temporary memory includes a random access memory.
9. A digital processing device according to claim 7, wherein said security control means prohibits the transfer of information from a protected area in the nonvalatile memory or the temporary memory to an unprotected area in the temporary memory.
10. A digital processing device implemented on a single seniconductor substrate comprising:
a nonvolatile memory means for storing data and instructions that define data processing operations;
an information transfer means for transferring data and instructions;
a central processing unit connected to said information transfer means for performing data processing operations defined by instructions received from said information transfer means;
at least one seucrity bit register connected to said central processing unit, each security bit register having a state indicating a protected or nonprotected status of a corresponding portion of said nonvolatile memory means;
an external interface means connected to said information transfer means for transfer of data and instructions between said digital processing device and at least one external device;
an inhibit logic means connected to said external interface means for selectively inhibiting transfer of data and instruction by said external interface means;
an instruction acquisition means connected to said information transfer means for indicating when data or instructions within said nonvolatile memory means are being accessed; and
a security control means connected to said information transfer means, said inhibit logic means, said at least one security bit register and said central processing unit for determining when data or instructions from said external interface means is being accessed and for selectively causing said inhibit logic means to inhibit data and instruction transfer by said external interface means upon performance of an external interface means access operation by said central processing unit in accordance with an instruction from a protected status portion of said nonvolatile memory means, thereby preventing unauthorized access to data and instructions stored in said protected status portion of said nonvolatile memory means.
US06/393,954 1982-06-30 1982-06-30 Security bit for designating the security status of information stored in a nonvolatile memory Expired - Lifetime US4590552A (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
US06/393,954 US4590552A (en) 1982-06-30 1982-06-30 Security bit for designating the security status of information stored in a nonvolatile memory
JP58116271A JPS5911600A (en) 1982-06-30 1983-06-29 Digital processor with memory protecting function

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
US06/393,954 US4590552A (en) 1982-06-30 1982-06-30 Security bit for designating the security status of information stored in a nonvolatile memory

Publications (1)

Publication Number Publication Date
US4590552A true US4590552A (en) 1986-05-20

Family

ID=23556925

Family Applications (1)

Application Number Title Priority Date Filing Date
US06/393,954 Expired - Lifetime US4590552A (en) 1982-06-30 1982-06-30 Security bit for designating the security status of information stored in a nonvolatile memory

Country Status (2)

Country Link
US (1) US4590552A (en)
JP (1) JPS5911600A (en)

Cited By (95)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4685056A (en) * 1985-06-11 1987-08-04 Pueblo Technologies, Inc. Computer security device
US4698750A (en) * 1984-12-27 1987-10-06 Motorola, Inc. Security for integrated circuit microcomputer with EEPROM
WO1988000372A1 (en) * 1986-07-07 1988-01-14 Lattice Semiconductor Corporation One-time programmable data security system for programmable logic device
US4761768A (en) * 1985-03-04 1988-08-02 Lattice Semiconductor Corporation Programmable logic device
EP0308219A2 (en) * 1987-09-18 1989-03-22 General Instrument Corporation Microcomputer with internal RAM security during external program mode
WO1989003081A1 (en) * 1987-10-02 1989-04-06 Sgs-Thomson Microelectronics S.A. Device for protecting memory areas of an electronic microprocessor system
US4852044A (en) * 1985-03-04 1989-07-25 Lattice Semiconductor Corporation Programmable data security circuit for programmable logic device
EP0411255A2 (en) * 1989-08-04 1991-02-06 Motorola, Inc. Memory system
US5057999A (en) * 1988-08-05 1991-10-15 Nippon Motorola, Ltd. Microprocessor having a protection circuit to insure proper instruction fetching
US5062075A (en) * 1986-11-07 1991-10-29 Oki Electric Industry Co., Ltd. Microcomputer having security memory using test and destruction routines
US5101374A (en) * 1988-05-19 1992-03-31 The United States Of America As Represented By The Director Of The National Security Agency Secure, fast storage and retrieval without interactive checking
US5123092A (en) * 1988-10-21 1992-06-16 Zenith Data Systems Corporation External expansion bus interface
US5182809A (en) * 1989-05-31 1993-01-26 International Business Machines Corporation Dual bus microcomputer system with programmable control of lock function
US5222231A (en) * 1989-04-28 1993-06-22 Kabushiki Kaisha Toshiba Data processing system having a resume function and an operating method thereof
US5251304A (en) * 1990-09-28 1993-10-05 Motorola, Inc. Integrated circuit microcontroller with on-chip memory and external bus interface and programmable mechanism for securing the contents of on-chip memory
US5293610A (en) * 1989-08-04 1994-03-08 Motorola, Inc. Memory system having two-level security system for enhanced protection against unauthorized access
US5319765A (en) * 1990-11-29 1994-06-07 Mitsubishi Denki Kabushiki Kaisha Semiconductor memory unit utilizing a security code generator for selectively inhibiting memory access
US5396471A (en) * 1993-03-29 1995-03-07 Kabushiki Kaisha Toshiba Data protection circuit
US5406519A (en) * 1991-11-25 1995-04-11 Hyundai Electronics Industries, Co., Ltd. Real-only memory device incorporating storage memory array and security memory array coupled to comparator circuirtry
US5421006A (en) * 1992-05-07 1995-05-30 Compaq Computer Corp. Method and apparatus for assessing integrity of computer system software
EP0661642A2 (en) * 1993-12-28 1995-07-05 Kabushiki Kaisha Toshiba Microcomputer with memory read protection
US5434999A (en) * 1988-11-09 1995-07-18 Bull Cp8 Safeguarded remote loading of service programs by authorizing loading in protected memory zones in a terminal
US5446864A (en) * 1991-11-12 1995-08-29 Microchip Technology, Inc. System and method for protecting contents of microcontroller memory by providing scrambled data in response to an unauthorized read access without alteration of the memory contents
WO1995027250A1 (en) * 1994-04-05 1995-10-12 Motorola Inc. Protection circuit for a microprocessor
US5459851A (en) * 1991-02-12 1995-10-17 Mitsubishi Denki Kabushiki Kaisha Dual-port memory with selective read data output prohibition
US5465341A (en) * 1992-10-23 1995-11-07 Vlsi Technology, Inc. Verifiable security circuitry for preventing unauthorized access to programmed read only memory
US5469557A (en) * 1993-03-05 1995-11-21 Microchip Technology Incorporated Code protection in microcontroller with EEPROM fuses
US5475762A (en) * 1991-10-11 1995-12-12 Kabushiki Kaisha Toshiba Computer with password processing function and password processing method of computer
US5500949A (en) * 1990-03-27 1996-03-19 Kabushiki Kaisha Toshiba Microprocessor system for inhibiting access to memory by checking specific address and specific codes
US5544083A (en) * 1992-04-27 1996-08-06 Kabushiki Kaisha Toshiba Password management method and apparatus
US5559989A (en) * 1987-10-02 1996-09-24 Sgs-Thomson Microelectronics, S.A. Device for protecting memory areas of an electronic microprocessor
WO1996038775A1 (en) * 1995-05-31 1996-12-05 Ast Research, Inc. A method and apparatus for limiting access to a nonvolatile memory device
US5586271A (en) * 1994-09-27 1996-12-17 Macrolink Inc. In-line SCSI bus circuit for providing isolation and bi-directional communication between two portions of a SCSI bus
US5615381A (en) * 1989-02-01 1997-03-25 Kabushiki Kaisha Toshiba Security for a data processing system having multiple distinct program instruction sections
US5642480A (en) * 1995-09-28 1997-06-24 Motorola, Inc. Method and apparatus for enhanced security of a data processor
US5644756A (en) * 1995-04-07 1997-07-01 Motorola, Inc. Integrated circuit data processor with selectable routing of data accesses
US5657473A (en) * 1990-02-21 1997-08-12 Arendee Limited Method and apparatus for controlling access to and corruption of information in computer systems
US5704039A (en) * 1994-07-25 1997-12-30 Motorola, Inc. Mask programmable security system for a data processor and method therefor
US5737760A (en) * 1995-10-06 1998-04-07 Motorola Inc. Microcontroller with security logic circuit which prevents reading of internal memory by external program
US5748940A (en) * 1995-08-17 1998-05-05 Compaq Computer Corporation Secure updating of non-volatile memory
GB2320855A (en) * 1996-12-31 1998-07-01 Motorola Inc Securing electronic information in a wireless communication device
US5809544A (en) * 1995-10-06 1998-09-15 Motorola, Inc. Microcontroller which limits access to internal memory
US5892683A (en) * 1993-03-31 1999-04-06 Altera Coporation Program compatibility recognition for a programmable logic device
US5953502A (en) * 1997-02-13 1999-09-14 Helbig, Sr.; Walter A Method and apparatus for enhancing computer system security
US5978915A (en) * 1994-12-20 1999-11-02 Sgs-Thomson Microelectronics S.A. Device for the protection of the access to memory words
US6041007A (en) * 1998-02-02 2000-03-21 Motorola, Inc. Device with programmable memory and method of programming
US6076149A (en) * 1997-02-14 2000-06-13 Motorola, Inc. Programmable logic device using a two bit security scheme to prevent unauthorized access
US6101586A (en) * 1997-02-14 2000-08-08 Nec Corporation Memory access control circuit
US6101255A (en) * 1997-04-30 2000-08-08 Motorola, Inc. Programmable cryptographic processing system and method
WO2001024054A1 (en) * 1999-09-30 2001-04-05 M-Systems Flash Disk Pioneers Ltd. Device, system and method for data access control
WO2001023987A1 (en) * 1999-09-30 2001-04-05 M-Systems Flash Disk Pioneers Ltd. Removable, active, personal storage device, system and method
US6240493B1 (en) 1998-04-17 2001-05-29 Motorola, Inc. Method and apparatus for performing access censorship in a data processing system
US6249872B1 (en) * 1996-02-09 2001-06-19 Intel Corporation Method and apparatus for increasing security against unauthorized write access to a protected memory
US20010042043A1 (en) * 1995-02-13 2001-11-15 Intertrust Technologies Corp. Cryptographic methods, apparatus and systems for storage media electronic rights management in closed and connected appliances
US20030069748A1 (en) * 1997-11-06 2003-04-10 Intertrust Technologies Corp. Methods for matching, selecting, narrowcasting, and/or classifying based on rights management and/or other information
US20030126421A1 (en) * 2001-12-31 2003-07-03 Nalawadi Rajeev K. Method and apparatus for modifying the contents of revision identification register
US20030140244A1 (en) * 2002-01-16 2003-07-24 Franck Dahan Secure mode for processors supporting MMU
US20030200406A1 (en) * 2002-04-17 2003-10-23 Matsushita Electric Industrial Co., Ltd. Nonvolatile semiconductor memory device and method for providing security for the same
US20040187019A1 (en) * 2003-02-04 2004-09-23 Matsushita Electric Industrial Co., Ltd. Information processing apparatus
US6948070B1 (en) 1995-02-13 2005-09-20 Intertrust Technologies Corporation Systems and methods for secure transaction management and electronic rights protection
US20060087882A1 (en) * 2004-10-26 2006-04-27 Tom Kinsley Data retention kill function
US7062500B1 (en) 1997-02-25 2006-06-13 Intertrust Technologies Corp. Techniques for defining, using and manipulating rights management data structures
US7069451B1 (en) 1995-02-13 2006-06-27 Intertrust Technologies Corp. Systems and methods for secure transaction management and electronic rights protection
US20060177064A1 (en) * 2005-02-07 2006-08-10 Micky Holtzman Secure memory card with life cycle phases
US20060176068A1 (en) * 2005-02-07 2006-08-10 Micky Holtzman Methods used in a secure memory card with life cycle phases
US7095854B1 (en) 1995-02-13 2006-08-22 Intertrust Technologies Corp. Systems and methods for secure transaction management and electronic rights protection
US7120802B2 (en) 1996-08-12 2006-10-10 Intertrust Technologies Corp. Systems and methods for using cryptography to protect secure computing environments
US7124302B2 (en) 1995-02-13 2006-10-17 Intertrust Technologies Corp. Systems and methods for secure transaction management and electronic rights protection
US7133845B1 (en) 1995-02-13 2006-11-07 Intertrust Technologies Corp. System and methods for secure transaction management and electronic rights protection
US7133846B1 (en) 1995-02-13 2006-11-07 Intertrust Technologies Corp. Digital certificate support system, methods and techniques for secure electronic commerce transaction and rights management
US7143290B1 (en) 1995-02-13 2006-11-28 Intertrust Technologies Corporation Trusted and secure techniques, systems and methods for item delivery and execution
US20070011724A1 (en) * 2005-07-08 2007-01-11 Gonzalez Carlos J Mass storage device with automated credentials loading
US7165174B1 (en) 1995-02-13 2007-01-16 Intertrust Technologies Corp. Trusted infrastructure support systems, methods and techniques for secure electronic commerce transaction and rights management
US20070061897A1 (en) * 2005-09-14 2007-03-15 Michael Holtzman Hardware driver integrity check of memory card controller firmware
US20070061581A1 (en) * 2005-09-14 2007-03-15 Micky Holtzman Methods used in a secure yet flexible system architecture for secure devices with flash mass storage memory
US20070103193A1 (en) * 2005-11-08 2007-05-10 M2000 Configurable circuit with configuration data protection features
US20070133280A1 (en) * 2004-10-08 2007-06-14 Renesas Technology Corp. Semiconductor integrated circuit apparatus and electronic system
US20070188183A1 (en) * 2005-02-07 2007-08-16 Micky Holtzman Secure memory card with life cycle phases
US20080052524A1 (en) * 2006-08-24 2008-02-28 Yoram Cedar Reader for one time password generating device
US20080072058A1 (en) * 2006-08-24 2008-03-20 Yoram Cedar Methods in a reader for one time password generating device
US20080162947A1 (en) * 2006-12-28 2008-07-03 Michael Holtzman Methods of upgrading a memory card that has security mechanisms that prevent copying of secure content and applications
US7430670B1 (en) 1999-07-29 2008-09-30 Intertrust Technologies Corp. Software self-defense systems and methods
US20080256288A1 (en) * 2007-04-10 2008-10-16 Seiko Epson Corporation Microcomputer, electronic instrument, and flash memory protection method
US20090292853A1 (en) * 2008-05-24 2009-11-26 Via Technologies, Inc Apparatus and method for precluding execution of certain instructions in a secure execution mode microprocessor
US20090293130A1 (en) * 2008-05-24 2009-11-26 Via Technologies, Inc Microprocessor having a secure execution mode with provisions for monitoring, indicating, and managing security levels
US8307212B2 (en) 1996-08-12 2012-11-06 Intertrust Technologies Corp. Steganographic techniques for securely delivering electronic digital rights management control information over insecure communication channels
US8533851B2 (en) 1996-08-30 2013-09-10 Intertrust Technologies Corporation Systems and methods for secure transaction management and electronic rights protection
US8589749B1 (en) 2011-05-31 2013-11-19 Apple Inc. Memory content protection during scan dumps and memory dumps
US8639981B2 (en) 2011-08-29 2014-01-28 Apple Inc. Flexible SoC design verification environment
US8751793B2 (en) 1995-02-13 2014-06-10 Intertrust Technologies Corp. Trusted infrastructure support systems, methods and techniques for secure electronic commerce transaction and rights management
US8788886B2 (en) 2011-08-31 2014-07-22 Apple Inc. Verification of SoC scan dump and memory dump operations
US8826043B2 (en) 2000-09-10 2014-09-02 Sandisk Il Ltd. Removable, active, personal storage device, system and method
WO2017139010A3 (en) * 2015-12-07 2017-11-09 Cooke Laurence H Secure computing
US9846656B2 (en) 2013-04-17 2017-12-19 Laurence H. Cooke Secure computing
US10318768B2 (en) 2003-08-26 2019-06-11 Panasonic Intellectual Property Corporation Of America Program execution device

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2723885B2 (en) * 1985-10-02 1998-03-09 株式会社日立製作所 Semiconductor integrated circuit

Citations (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US3742458A (en) * 1970-09-30 1973-06-26 Yokogawa Electric Works Ltd Memory protection system providing fixed, conditional and free memory portions corresponding to ranges of memory address numbers
US3827029A (en) * 1972-09-25 1974-07-30 Westinghouse Electric Corp Memory and program protection system for a digital computer system
US4093987A (en) * 1977-03-24 1978-06-06 International Business Machines Corporation Hardware control storage area protection method and means
US4135240A (en) * 1973-07-09 1979-01-16 Bell Telephone Laboratories, Incorporated Protection of data file contents
US4168396A (en) * 1977-10-31 1979-09-18 Best Robert M Microprocessor for executing enciphered programs
US4177510A (en) * 1973-11-30 1979-12-04 Compagnie Internationale pour l'Informatique, CII Honeywell Bull Protection of data in an information multiprocessing system by implementing a concept of rings to represent the different levels of privileges among processes
US4278837A (en) * 1977-10-31 1981-07-14 Best Robert M Crypto microprocessor for executing enciphered programs
US4319079A (en) * 1979-09-13 1982-03-09 Best Robert M Crypto microprocessor using block cipher
US4430709A (en) * 1980-09-13 1984-02-07 Robert Bosch Gmbh Apparatus for safeguarding data entered into a microprocessor
US4434464A (en) * 1980-04-01 1984-02-28 Hitachi, Ltd. Memory protection system for effecting alteration of protection information without intervention of control program

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JPS5931744B2 (en) * 1975-12-01 1984-08-03 インテル・コ−ポレ−シヨン MOS digital computer
JPS56100742U (en) * 1979-12-28 1981-08-08

Patent Citations (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US3742458A (en) * 1970-09-30 1973-06-26 Yokogawa Electric Works Ltd Memory protection system providing fixed, conditional and free memory portions corresponding to ranges of memory address numbers
US3827029A (en) * 1972-09-25 1974-07-30 Westinghouse Electric Corp Memory and program protection system for a digital computer system
US4135240A (en) * 1973-07-09 1979-01-16 Bell Telephone Laboratories, Incorporated Protection of data file contents
US4177510A (en) * 1973-11-30 1979-12-04 Compagnie Internationale pour l'Informatique, CII Honeywell Bull Protection of data in an information multiprocessing system by implementing a concept of rings to represent the different levels of privileges among processes
US4093987A (en) * 1977-03-24 1978-06-06 International Business Machines Corporation Hardware control storage area protection method and means
US4168396A (en) * 1977-10-31 1979-09-18 Best Robert M Microprocessor for executing enciphered programs
US4278837A (en) * 1977-10-31 1981-07-14 Best Robert M Crypto microprocessor for executing enciphered programs
US4319079A (en) * 1979-09-13 1982-03-09 Best Robert M Crypto microprocessor using block cipher
US4434464A (en) * 1980-04-01 1984-02-28 Hitachi, Ltd. Memory protection system for effecting alteration of protection information without intervention of control program
US4430709A (en) * 1980-09-13 1984-02-07 Robert Bosch Gmbh Apparatus for safeguarding data entered into a microprocessor

Cited By (189)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4698750A (en) * 1984-12-27 1987-10-06 Motorola, Inc. Security for integrated circuit microcomputer with EEPROM
US4852044A (en) * 1985-03-04 1989-07-25 Lattice Semiconductor Corporation Programmable data security circuit for programmable logic device
US4887239A (en) * 1985-03-04 1989-12-12 Lattice Semiconductor Corporation One-time programmable data security system for programmable logic device
US4761768A (en) * 1985-03-04 1988-08-02 Lattice Semiconductor Corporation Programmable logic device
US4685056A (en) * 1985-06-11 1987-08-04 Pueblo Technologies, Inc. Computer security device
WO1988000372A1 (en) * 1986-07-07 1988-01-14 Lattice Semiconductor Corporation One-time programmable data security system for programmable logic device
US5062075A (en) * 1986-11-07 1991-10-29 Oki Electric Industry Co., Ltd. Microcomputer having security memory using test and destruction routines
US5134700A (en) * 1987-09-18 1992-07-28 General Instrument Corporation Microcomputer with internal ram security during external program mode
EP0308219A3 (en) * 1987-09-18 1990-09-05 General Instrument Corporation Microcomputer with internal ram security during external program mode
EP0308219A2 (en) * 1987-09-18 1989-03-22 General Instrument Corporation Microcomputer with internal RAM security during external program mode
US5559989A (en) * 1987-10-02 1996-09-24 Sgs-Thomson Microelectronics, S.A. Device for protecting memory areas of an electronic microprocessor
WO1989003081A1 (en) * 1987-10-02 1989-04-06 Sgs-Thomson Microelectronics S.A. Device for protecting memory areas of an electronic microprocessor system
FR2621409A1 (en) * 1987-10-02 1989-04-07 Thomson Semiconducteurs DEVICE FOR PROTECTING THE MEMORY ZONES OF AN ELECTRONIC MICROPROCESSOR SYSTEM
US5101374A (en) * 1988-05-19 1992-03-31 The United States Of America As Represented By The Director Of The National Security Agency Secure, fast storage and retrieval without interactive checking
US5057999A (en) * 1988-08-05 1991-10-15 Nippon Motorola, Ltd. Microprocessor having a protection circuit to insure proper instruction fetching
US5123092A (en) * 1988-10-21 1992-06-16 Zenith Data Systems Corporation External expansion bus interface
US5434999A (en) * 1988-11-09 1995-07-18 Bull Cp8 Safeguarded remote loading of service programs by authorizing loading in protected memory zones in a terminal
US5615381A (en) * 1989-02-01 1997-03-25 Kabushiki Kaisha Toshiba Security for a data processing system having multiple distinct program instruction sections
US5430867A (en) * 1989-04-28 1995-07-04 Kabushiki Kaisha Toshiba Data processing system having a resume function and an operating method thereof
US5222231A (en) * 1989-04-28 1993-06-22 Kabushiki Kaisha Toshiba Data processing system having a resume function and an operating method thereof
US5182809A (en) * 1989-05-31 1993-01-26 International Business Machines Corporation Dual bus microcomputer system with programmable control of lock function
EP0411255A3 (en) * 1989-08-04 1991-07-03 Motorola, Inc. Memory system
GB2234611B (en) * 1989-08-04 1993-09-01 Motorola Inc Memory system
GB2234611A (en) * 1989-08-04 1991-02-06 Motorola Inc Memory protection
US5293610A (en) * 1989-08-04 1994-03-08 Motorola, Inc. Memory system having two-level security system for enhanced protection against unauthorized access
EP0411255A2 (en) * 1989-08-04 1991-02-06 Motorola, Inc. Memory system
US5657473A (en) * 1990-02-21 1997-08-12 Arendee Limited Method and apparatus for controlling access to and corruption of information in computer systems
US5500949A (en) * 1990-03-27 1996-03-19 Kabushiki Kaisha Toshiba Microprocessor system for inhibiting access to memory by checking specific address and specific codes
US5251304A (en) * 1990-09-28 1993-10-05 Motorola, Inc. Integrated circuit microcontroller with on-chip memory and external bus interface and programmable mechanism for securing the contents of on-chip memory
US5432950A (en) * 1990-09-28 1995-07-11 Motorola Inc. System for securing a data processing system and method of operation
US5319765A (en) * 1990-11-29 1994-06-07 Mitsubishi Denki Kabushiki Kaisha Semiconductor memory unit utilizing a security code generator for selectively inhibiting memory access
US5459851A (en) * 1991-02-12 1995-10-17 Mitsubishi Denki Kabushiki Kaisha Dual-port memory with selective read data output prohibition
US5475762A (en) * 1991-10-11 1995-12-12 Kabushiki Kaisha Toshiba Computer with password processing function and password processing method of computer
US5446864A (en) * 1991-11-12 1995-08-29 Microchip Technology, Inc. System and method for protecting contents of microcontroller memory by providing scrambled data in response to an unauthorized read access without alteration of the memory contents
US5406519A (en) * 1991-11-25 1995-04-11 Hyundai Electronics Industries, Co., Ltd. Real-only memory device incorporating storage memory array and security memory array coupled to comparator circuirtry
US5544083A (en) * 1992-04-27 1996-08-06 Kabushiki Kaisha Toshiba Password management method and apparatus
US5421006A (en) * 1992-05-07 1995-05-30 Compaq Computer Corp. Method and apparatus for assessing integrity of computer system software
US5465341A (en) * 1992-10-23 1995-11-07 Vlsi Technology, Inc. Verifiable security circuitry for preventing unauthorized access to programmed read only memory
US5469557A (en) * 1993-03-05 1995-11-21 Microchip Technology Incorporated Code protection in microcontroller with EEPROM fuses
US5396471A (en) * 1993-03-29 1995-03-07 Kabushiki Kaisha Toshiba Data protection circuit
US5892683A (en) * 1993-03-31 1999-04-06 Altera Coporation Program compatibility recognition for a programmable logic device
EP0661642A3 (en) * 1993-12-28 1998-04-15 Kabushiki Kaisha Toshiba Microcomputer with memory read protection
EP0661642A2 (en) * 1993-12-28 1995-07-05 Kabushiki Kaisha Toshiba Microcomputer with memory read protection
US5557743A (en) * 1994-04-05 1996-09-17 Motorola, Inc. Protection circuit for a microprocessor
WO1995027250A1 (en) * 1994-04-05 1995-10-12 Motorola Inc. Protection circuit for a microprocessor
US5704039A (en) * 1994-07-25 1997-12-30 Motorola, Inc. Mask programmable security system for a data processor and method therefor
US5586271A (en) * 1994-09-27 1996-12-17 Macrolink Inc. In-line SCSI bus circuit for providing isolation and bi-directional communication between two portions of a SCSI bus
US5978915A (en) * 1994-12-20 1999-11-02 Sgs-Thomson Microelectronics S.A. Device for the protection of the access to memory words
US8185473B2 (en) 1995-02-13 2012-05-22 Intertrust Technologies Corporation Trusted infrastructure support systems, methods and techniques for secure electronic commerce, electronic transactions, commerce process control and automation, distributed computing, and rights management
US7133845B1 (en) 1995-02-13 2006-11-07 Intertrust Technologies Corp. System and methods for secure transaction management and electronic rights protection
US7069451B1 (en) 1995-02-13 2006-06-27 Intertrust Technologies Corp. Systems and methods for secure transaction management and electronic rights protection
US7076652B2 (en) 1995-02-13 2006-07-11 Intertrust Technologies Corporation Systems and methods for secure transaction management and electronic rights protection
US8751793B2 (en) 1995-02-13 2014-06-10 Intertrust Technologies Corp. Trusted infrastructure support systems, methods and techniques for secure electronic commerce transaction and rights management
US7095854B1 (en) 1995-02-13 2006-08-22 Intertrust Technologies Corp. Systems and methods for secure transaction management and electronic rights protection
US7100199B2 (en) 1995-02-13 2006-08-29 Intertrust Technologies Corp. Systems and methods for secure transaction management and electronic rights protection
US8543842B2 (en) 1995-02-13 2013-09-24 Intertrust Technologies Corporation System and methods for secure transaction management and electronics rights protection
US6948070B1 (en) 1995-02-13 2005-09-20 Intertrust Technologies Corporation Systems and methods for secure transaction management and electronic rights protection
US7120800B2 (en) 1995-02-13 2006-10-10 Intertrust Technologies Corp. Systems and methods for secure transaction management and electronic rights protection
US7917749B2 (en) 1995-02-13 2011-03-29 Intertrust Technologies Corporation Systems and methods for secure transaction management and electronic rights protection
US7844835B2 (en) 1995-02-13 2010-11-30 Intertrust Technologies Corporation Systems and methods for secure transaction management and electronic rights protection
US7124302B2 (en) 1995-02-13 2006-10-17 Intertrust Technologies Corp. Systems and methods for secure transaction management and electronic rights protection
US7415617B2 (en) 1995-02-13 2008-08-19 Intertrust Technologies Corp. Trusted infrastructure support systems, methods and techniques for secure electronic commerce, electronic transactions, commerce process control and automation, distributed computing, and rights management
US7392395B2 (en) 1995-02-13 2008-06-24 Intertrust Technologies Corp. Trusted and secure techniques, systems and methods for item delivery and execution
US7281133B2 (en) 1995-02-13 2007-10-09 Intertrust Technologies Corp. Trusted and secure techniques, systems and methods for item delivery and execution
US7165174B1 (en) 1995-02-13 2007-01-16 Intertrust Technologies Corp. Trusted infrastructure support systems, methods and techniques for secure electronic commerce transaction and rights management
US7143290B1 (en) 1995-02-13 2006-11-28 Intertrust Technologies Corporation Trusted and secure techniques, systems and methods for item delivery and execution
US20020112171A1 (en) * 1995-02-13 2002-08-15 Intertrust Technologies Corp. Systems and methods for secure transaction management and electronic rights protection
US20010042043A1 (en) * 1995-02-13 2001-11-15 Intertrust Technologies Corp. Cryptographic methods, apparatus and systems for storage media electronic rights management in closed and connected appliances
US7133846B1 (en) 1995-02-13 2006-11-07 Intertrust Technologies Corp. Digital certificate support system, methods and techniques for secure electronic commerce transaction and rights management
US5644756A (en) * 1995-04-07 1997-07-01 Motorola, Inc. Integrated circuit data processor with selectable routing of data accesses
WO1996038775A1 (en) * 1995-05-31 1996-12-05 Ast Research, Inc. A method and apparatus for limiting access to a nonvolatile memory device
US5721877A (en) * 1995-05-31 1998-02-24 Ast Research, Inc. Method and apparatus for limiting access to nonvolatile memory device
US6085299A (en) * 1995-08-17 2000-07-04 Compaq Computer Corporation Secure updating of non-volatile memory
US5748940A (en) * 1995-08-17 1998-05-05 Compaq Computer Corporation Secure updating of non-volatile memory
US5642480A (en) * 1995-09-28 1997-06-24 Motorola, Inc. Method and apparatus for enhanced security of a data processor
US5737760A (en) * 1995-10-06 1998-04-07 Motorola Inc. Microcontroller with security logic circuit which prevents reading of internal memory by external program
US5809544A (en) * 1995-10-06 1998-09-15 Motorola, Inc. Microcontroller which limits access to internal memory
US6249872B1 (en) * 1996-02-09 2001-06-19 Intel Corporation Method and apparatus for increasing security against unauthorized write access to a protected memory
US7120802B2 (en) 1996-08-12 2006-10-10 Intertrust Technologies Corp. Systems and methods for using cryptography to protect secure computing environments
US8307212B2 (en) 1996-08-12 2012-11-06 Intertrust Technologies Corp. Steganographic techniques for securely delivering electronic digital rights management control information over insecure communication channels
US7925898B2 (en) 1996-08-12 2011-04-12 Intertrust Technologies Corp. Systems and methods using cryptography to protect secure computing environments
US8533851B2 (en) 1996-08-30 2013-09-10 Intertrust Technologies Corporation Systems and methods for secure transaction management and electronic rights protection
US5954817A (en) * 1996-12-31 1999-09-21 Motorola, Inc. Apparatus and method for securing electronic information in a wireless communication device
GB2320855A (en) * 1996-12-31 1998-07-01 Motorola Inc Securing electronic information in a wireless communication device
US5953502A (en) * 1997-02-13 1999-09-14 Helbig, Sr.; Walter A Method and apparatus for enhancing computer system security
US6101586A (en) * 1997-02-14 2000-08-08 Nec Corporation Memory access control circuit
US6076149A (en) * 1997-02-14 2000-06-13 Motorola, Inc. Programmable logic device using a two bit security scheme to prevent unauthorized access
US7062500B1 (en) 1997-02-25 2006-06-13 Intertrust Technologies Corp. Techniques for defining, using and manipulating rights management data structures
US6101255A (en) * 1997-04-30 2000-08-08 Motorola, Inc. Programmable cryptographic processing system and method
US6938021B2 (en) 1997-11-06 2005-08-30 Intertrust Technologies Corporation Methods for matching, selecting, narrowcasting, and/or classifying based on rights management and/or other information
US7110983B2 (en) 1997-11-06 2006-09-19 Intertrust Technologies Corporation Methods for matching, selecting, narrowcasting, and/or classifying based on rights management and/or other information
US20030069749A1 (en) * 1997-11-06 2003-04-10 Intertrust Technologies Corp. Methods for matching, selecting, narrowcasting, and/or classifying based on rights management and/or other information
US20030069748A1 (en) * 1997-11-06 2003-04-10 Intertrust Technologies Corp. Methods for matching, selecting, narrowcasting, and/or classifying based on rights management and/or other information
US7092914B1 (en) 1997-11-06 2006-08-15 Intertrust Technologies Corporation Methods for matching, selecting, narrowcasting, and/or classifying based on rights management and/or other information
US7143066B2 (en) 1997-11-06 2006-11-28 Intertrust Technologies Corp. Systems and methods for matching, selecting, narrowcasting, and/or classifying based on rights management and/or other information
US6041007A (en) * 1998-02-02 2000-03-21 Motorola, Inc. Device with programmable memory and method of programming
US6240493B1 (en) 1998-04-17 2001-05-29 Motorola, Inc. Method and apparatus for performing access censorship in a data processing system
US6499092B1 (en) 1998-04-17 2002-12-24 Motorola, Inc. Method and apparatus for performing access censorship in a data processing system
US7430670B1 (en) 1999-07-29 2008-09-30 Intertrust Technologies Corp. Software self-defense systems and methods
US6539380B1 (en) 1999-09-30 2003-03-25 M-Systems Flash Disk Pioneers Ltd. Device, system and method for data access control
US6324537B1 (en) * 1999-09-30 2001-11-27 M-Systems Flash Disk Pioneers Ltd. Device, system and method for data access control
WO2001024054A1 (en) * 1999-09-30 2001-04-05 M-Systems Flash Disk Pioneers Ltd. Device, system and method for data access control
WO2001023987A1 (en) * 1999-09-30 2001-04-05 M-Systems Flash Disk Pioneers Ltd. Removable, active, personal storage device, system and method
US9864535B2 (en) * 2000-09-10 2018-01-09 Innovative Memory Systems, Inc. Removable, active, personal storage device, system and method
US20140351607A1 (en) * 2000-09-10 2014-11-27 WiLAN, INC Removable, active, personal storage device, system and method
US8826043B2 (en) 2000-09-10 2014-09-02 Sandisk Il Ltd. Removable, active, personal storage device, system and method
US7036005B2 (en) * 2001-12-31 2006-04-25 Intel Corporation Method and apparatus for modifying the contents of revision identification register
US20030126421A1 (en) * 2001-12-31 2003-07-03 Nalawadi Rajeev K. Method and apparatus for modifying the contents of revision identification register
US7890753B2 (en) * 2002-01-16 2011-02-15 Texas Instruments Incorporated Secure mode for processors supporting MMU and interrupts
US7237081B2 (en) 2002-01-16 2007-06-26 Texas Instruments Incorporated Secure mode for processors supporting interrupts
US20030140245A1 (en) * 2002-01-16 2003-07-24 Franck Dahan Secure mode for processors supporting MMU and interrupts
US7120771B2 (en) 2002-01-16 2006-10-10 Texas Instruments Incorporated Secure mode for processors supporting MMU
US20030140244A1 (en) * 2002-01-16 2003-07-24 Franck Dahan Secure mode for processors supporting MMU
US6996692B2 (en) * 2002-04-17 2006-02-07 Matsushita Electric Industrial Co., Ltd. Nonvolatile semiconductor memory device and method for providing security for the same
US20030200406A1 (en) * 2002-04-17 2003-10-23 Matsushita Electric Industrial Co., Ltd. Nonvolatile semiconductor memory device and method for providing security for the same
US7523279B2 (en) * 2003-02-04 2009-04-21 Panasonic Corporation Information processing apparatus for accessing memory spaces including a user memory space and a secure memory space
US20040187019A1 (en) * 2003-02-04 2004-09-23 Matsushita Electric Industrial Co., Ltd. Information processing apparatus
US10607036B2 (en) 2003-08-26 2020-03-31 Panasonic Intellectual Property Corporation Of America Program execution device
US10970424B2 (en) 2003-08-26 2021-04-06 Panasonic Intellectual Property Corporation Of America Program execution device
US10318768B2 (en) 2003-08-26 2019-06-11 Panasonic Intellectual Property Corporation Of America Program execution device
US11651113B2 (en) 2003-08-26 2023-05-16 Panasonic Holdings Corporation Program execution device
EP3798874A1 (en) * 2003-08-26 2021-03-31 Panasonic Intellectual Property Corporation of America Program execution device
US20070133280A1 (en) * 2004-10-08 2007-06-14 Renesas Technology Corp. Semiconductor integrated circuit apparatus and electronic system
US8023344B2 (en) 2004-10-26 2011-09-20 Micron Technology, Inc. Data retention kill function
US20060294291A1 (en) * 2004-10-26 2006-12-28 Tom Kinsley Data retention kill function
US20100265781A1 (en) * 2004-10-26 2010-10-21 Micron Technology, Inc. Data retention kill function
US8565035B2 (en) 2004-10-26 2013-10-22 Round Rock Research, Llc Data retention kill function
US20090153181A1 (en) * 2004-10-26 2009-06-18 Micron Technology, Inc. Data retention kill function
US7751263B2 (en) 2004-10-26 2010-07-06 Micron Technology, Inc. Data retention kill function
US7164611B2 (en) * 2004-10-26 2007-01-16 Micron Technology, Inc. Data retention kill function
US20060087882A1 (en) * 2004-10-26 2006-04-27 Tom Kinsley Data retention kill function
US8908453B2 (en) 2004-10-26 2014-12-09 Round Rock Research, Llc Data retention kill function
US7477554B2 (en) 2004-10-26 2009-01-13 Micron Technology, Inc. Data retention kill function
US8108691B2 (en) 2005-02-07 2012-01-31 Sandisk Technologies Inc. Methods used in a secure memory card with life cycle phases
US8321686B2 (en) 2005-02-07 2012-11-27 Sandisk Technologies Inc. Secure memory card with life cycle phases
US20060176068A1 (en) * 2005-02-07 2006-08-10 Micky Holtzman Methods used in a secure memory card with life cycle phases
US20060177064A1 (en) * 2005-02-07 2006-08-10 Micky Holtzman Secure memory card with life cycle phases
US8423788B2 (en) 2005-02-07 2013-04-16 Sandisk Technologies Inc. Secure memory card with life cycle phases
US20070188183A1 (en) * 2005-02-07 2007-08-16 Micky Holtzman Secure memory card with life cycle phases
US8220039B2 (en) 2005-07-08 2012-07-10 Sandisk Technologies Inc. Mass storage device with automated credentials loading
US20070011724A1 (en) * 2005-07-08 2007-01-11 Gonzalez Carlos J Mass storage device with automated credentials loading
US7743409B2 (en) 2005-07-08 2010-06-22 Sandisk Corporation Methods used in a mass storage device with automated credentials loading
US7748031B2 (en) 2005-07-08 2010-06-29 Sandisk Corporation Mass storage device with automated credentials loading
US20070016941A1 (en) * 2005-07-08 2007-01-18 Gonzalez Carlos J Methods used in a mass storage device with automated credentials loading
US20070061897A1 (en) * 2005-09-14 2007-03-15 Michael Holtzman Hardware driver integrity check of memory card controller firmware
US8966284B2 (en) 2005-09-14 2015-02-24 Sandisk Technologies Inc. Hardware driver integrity check of memory card controller firmware
US20070061570A1 (en) * 2005-09-14 2007-03-15 Michael Holtzman Method of hardware driver integrity check of memory card controller firmware
US20070061581A1 (en) * 2005-09-14 2007-03-15 Micky Holtzman Methods used in a secure yet flexible system architecture for secure devices with flash mass storage memory
US7934049B2 (en) 2005-09-14 2011-04-26 Sandisk Corporation Methods used in a secure yet flexible system architecture for secure devices with flash mass storage memory
US20070061597A1 (en) * 2005-09-14 2007-03-15 Micky Holtzman Secure yet flexible system architecture for secure devices with flash mass storage memory
US20080215847A1 (en) * 2005-09-14 2008-09-04 Sandisk Corporation And Discretix Technologies Ltd. Secure yet flexible system architecture for secure devices with flash mass storage memory
US7536540B2 (en) 2005-09-14 2009-05-19 Sandisk Corporation Method of hardware driver integrity check of memory card controller firmware
US7260218B2 (en) * 2005-11-08 2007-08-21 M2000 Configurable circuit with configuration data protection features
US20070103193A1 (en) * 2005-11-08 2007-05-10 M2000 Configurable circuit with configuration data protection features
US20080052524A1 (en) * 2006-08-24 2008-02-28 Yoram Cedar Reader for one time password generating device
US20080072058A1 (en) * 2006-08-24 2008-03-20 Yoram Cedar Methods in a reader for one time password generating device
US20080162947A1 (en) * 2006-12-28 2008-07-03 Michael Holtzman Methods of upgrading a memory card that has security mechanisms that prevent copying of secure content and applications
US8423794B2 (en) 2006-12-28 2013-04-16 Sandisk Technologies Inc. Method and apparatus for upgrading a memory card that has security mechanisms for preventing copying of secure content and applications
US8316200B2 (en) * 2007-04-10 2012-11-20 Seiko Epson Corporation Microcomputer, electronic instrument, and flash memory protection method
US20080256288A1 (en) * 2007-04-10 2008-10-16 Seiko Epson Corporation Microcomputer, electronic instrument, and flash memory protection method
US8370641B2 (en) 2008-05-24 2013-02-05 Via Technologies, Inc. Initialization of a microprocessor providing for execution of secure code
US8910276B2 (en) 2008-05-24 2014-12-09 Via Technologies, Inc. Apparatus and method for precluding execution of certain instructions in a secure execution mode microprocessor
US20090292894A1 (en) * 2008-05-24 2009-11-26 Via Technologies, Inc Microprocessor having internal secure memory
US20090293132A1 (en) * 2008-05-24 2009-11-26 Via Technologies, Inc Microprocessor apparatus for secure on-die real-time clock
US8607034B2 (en) 2008-05-24 2013-12-10 Via Technologies, Inc. Apparatus and method for disabling a microprocessor that provides for a secure execution mode
US8615799B2 (en) 2008-05-24 2013-12-24 Via Technologies, Inc. Microprocessor having secure non-volatile storage access
US20090290712A1 (en) * 2008-05-24 2009-11-26 Via Technologies, Inc On-die cryptographic apparatus in a secure microprocessor
US8522354B2 (en) * 2008-05-24 2013-08-27 Via Technologies, Inc. Microprocessor apparatus for secure on-die real-time clock
US8762687B2 (en) 2008-05-24 2014-06-24 Via Technologies, Inc. Microprocessor providing isolated timers and counters for execution of secure code
US20090292929A1 (en) * 2008-05-24 2009-11-26 Via Technologies, Inc Initialization of a microprocessor providing for execution of secure code
US8793803B2 (en) 2008-05-24 2014-07-29 Via Technologies, Inc. Termination of secure execution mode in a microprocessor providing for execution of secure code
US8819839B2 (en) 2008-05-24 2014-08-26 Via Technologies, Inc. Microprocessor having a secure execution mode with provisions for monitoring, indicating, and managing security levels
US20090293129A1 (en) * 2008-05-24 2009-11-26 Via Technologies, Inc Termination of secure execution mode in a microprocessor providing for execution of secure code
US8838924B2 (en) 2008-05-24 2014-09-16 Via Technologies, Inc. Microprocessor having internal secure memory
US20090293130A1 (en) * 2008-05-24 2009-11-26 Via Technologies, Inc Microprocessor having a secure execution mode with provisions for monitoring, indicating, and managing security levels
US20090292853A1 (en) * 2008-05-24 2009-11-26 Via Technologies, Inc Apparatus and method for precluding execution of certain instructions in a secure execution mode microprocessor
US20090292902A1 (en) * 2008-05-24 2009-11-26 Via Technologies, Inc Apparatus and method for managing a microprocessor providing for a secure execution mode
US20090292903A1 (en) * 2008-05-24 2009-11-26 Via Technologies, Inc Microprocessor providing isolated timers and counters for execution of secure code
US8978132B2 (en) 2008-05-24 2015-03-10 Via Technologies, Inc. Apparatus and method for managing a microprocessor providing for a secure execution mode
US9002014B2 (en) 2008-05-24 2015-04-07 Via Technologies, Inc. On-die cryptographic apparatus in a secure microprocessor
US20090292893A1 (en) * 2008-05-24 2009-11-26 Via Technologies, Inc Microprocessor having secure non-volatile storage access
US20090292931A1 (en) * 2008-05-24 2009-11-26 Via Technology, Inc Apparatus and method for isolating a secure execution mode in a microprocessor
US20090292904A1 (en) * 2008-05-24 2009-11-26 Via Technologies, Inc Apparatus and method for disabling a microprocessor that provides for a secure execution mode
US8589749B1 (en) 2011-05-31 2013-11-19 Apple Inc. Memory content protection during scan dumps and memory dumps
US8639981B2 (en) 2011-08-29 2014-01-28 Apple Inc. Flexible SoC design verification environment
US8788886B2 (en) 2011-08-31 2014-07-22 Apple Inc. Verification of SoC scan dump and memory dump operations
US10095636B2 (en) 2013-04-17 2018-10-09 Laurence H. Cooke Secure computing
US9846656B2 (en) 2013-04-17 2017-12-19 Laurence H. Cooke Secure computing
WO2017139010A3 (en) * 2015-12-07 2017-11-09 Cooke Laurence H Secure computing

Also Published As

Publication number Publication date
JPH0479021B2 (en) 1992-12-14
JPS5911600A (en) 1984-01-21

Similar Documents

Publication Publication Date Title
US4590552A (en) Security bit for designating the security status of information stored in a nonvolatile memory
US4521853A (en) Secure microprocessor/microcomputer with secured memory
US4521852A (en) Data processing device formed on a single semiconductor substrate having secure memory
US4603381A (en) Use of implant process for programming ROM type processor for encryption
US5892826A (en) Data processor with flexible data encryption
US5432950A (en) System for securing a data processing system and method of operation
US7444668B2 (en) Method and apparatus for determining access permission
US5237616A (en) Secure computer system having privileged and unprivileged memories
KR100319677B1 (en) Memory access control unit
US8473754B2 (en) Hardware-facilitated secure software execution environment
US5890199A (en) Data processor incorporating a ferroelectric memory array selectably configurable as read/write and read only memory
US7822979B2 (en) Method and apparatus for secure execution using a secure memory partition
US7228436B2 (en) Semiconductor integrated circuit device, program delivery method, and program delivery system
GB2503583A (en) Erasing memory protection-configuration region only if protected region is in an erased state
US11675526B2 (en) Memory-access control
JP4945053B2 (en) Semiconductor device, bus interface device, and computer system
US7657758B2 (en) Processing apparatus and integrated circuit to prevent illicit access and reverse engineering
US7146477B1 (en) Mechanism for selectively blocking peripheral device accesses to system memory
US7409251B2 (en) Method and system for writing NV memories in a controller architecture, corresponding computer program product and computer-readable storage medium
US7526655B2 (en) Microprocessor configuration and method for operating a microprocessor configuration
US11714647B2 (en) Resource allocation in a multi-processor system
US20210240870A1 (en) Cryptographic key distribution
US7353403B2 (en) Computer systems such as smart cards having memory architectures that can protect security information, and methods of using same
KR100327641B1 (en) Memory address management circuit for protecting memory from irrespective writing
CN112836245A (en) Access control device and processor comprising same

Legal Events

Date Code Title Description
AS Assignment

Owner name: TEXAS INSTRUMENTS INCORPORATED, 13500 NORTH CENTRA

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST.;ASSIGNORS:GUTTAG, KARL M.;NUSSRALLAH, STEVE;REEL/FRAME:004036/0273

Effective date: 19820624

STCF Information on status: patent grant

Free format text: PATENTED CASE

FEPP Fee payment procedure

Free format text: PAYOR NUMBER ASSIGNED (ORIGINAL EVENT CODE: ASPN); ENTITY STATUS OF PATENT OWNER: LARGE ENTITY

FPAY Fee payment

Year of fee payment: 4

FPAY Fee payment

Year of fee payment: 8

FPAY Fee payment

Year of fee payment: 12